I havn’t shopped at Target in a long time (it’s too damned frustrating getting in and out of their parking lot) so I wasn’t affected.

But what I’d like to know is when the hell are retailers going to be forced to bear the full costs of their data breaches? Giving customers 10% off doesn’t cut the mustard.

The retailer or business involved should be required to provide free identity protection service that covers all costs (time & money) for anyone affected by the breach for a period of 10 years or something like that. And I mean THEY spend the hours on the phones with various companies, banks and whatnot, not the ID theft victim.

Until we have a business that is driven out of business complying with these requirements, there will be no incentive for proper security to be maintained.